| Summary: | 0.8.997-8.git20110331.fc15 still saves VPN password | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Paul W. Frields <stickster> |
| Component: | NetworkManager | Assignee: | Dan Williams <dcbw> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 15 | CC: | dcbw, jistone, jrankin, mjw, mschmidt, pcfe, rdassen, tom.jenkinson, tromey, vvaldez, work.eric |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-07-29 20:57:37 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | |||
| Bug Blocks: | 494832 | ||
|
Description
Paul W. Frields
2011-04-01 16:35:14 UTC
I am seeing the same behaviour. Storing VPN passwords without the user's consent is a security risk. This is a combination problem between the import procedure for your existing connections (nm-applet) and a lack of coping with new features in NM on NetworkManager-openvpn's part. That has now been fixed upstream and the pieces will dribble into Fedora. It'll take a small fix on your part though since it's an error in the import process, which for you has already happened. More details when the update comes through... I see this too, and I didn't "import my existing connections" I worked from a fresh install of F15 I see this same problem, clean install of Fedora 15, no import used. I have to edit the connection and clear my previous password out in order to be prompted again. Is there a temporary work-around I can implement to clear this out without manually editing the connection? (In reply to comment #2) > This is a combination problem between the import procedure for your existing > connections (nm-applet) and a lack of coping with new features in NM on > NetworkManager-openvpn's part. That has now been fixed upstream and the pieces > will dribble into Fedora. Is there a pointer to the upstream fix? > It'll take a small fix on your part though since > it's an error in the import process, which for you has already happened. More > details when the update comes through... Any updates on the details? I tried to erase my old VPN connection and enter the information by hand instead of importing from a file. But that didn't help. I found Bug 691618 Comment 3 that details a successful work-around as long as the connection details are not edited with the UI after the manual change. (In reply to comment #6) > I found Bug 691618 Comment 3 that details a successful work-around as long as > the connection details are not edited with the UI after the manual change. Thanks. Editing /etc/NetworkManager/system-connections/<name> and setting password-flags=3 in the [vpn] section worked! Finally the password isn't saved anymore. This issue should be fixed by: https://admin.fedoraproject.org/updates/NetworkManager-0.8.9997-6.git20110721.fc15,NetworkManager-openswan-0.8.999-2.git20110721.fc15,NetworkManager-openvpn-0.8.9997-2.git20110721.fc15,NetworkManager-vpnc-0.8.999-3.git20110721.fc15,NetworkManager-pptp-0.8.999-2.git20110721.fc15 |